All the latest UK technology news, reviews and analysis
|
|
|
23 Sep 2009
Security researchers have discovered a new kind of phishing threat for online banking customers, which they have dubbed a ‘Chat-in-the-Middle’ attack.
The RSA FraudAction Research Lab outlined the incident, which has so far occurred at only one US-based financial institution, in its monthly intelligence report for August and coined the new phrase to describe it.
The attack started off as a routine phishing venture, with customers encouraged to enter their user name and password into a regular phishing site using scam emails. Once they had undertaken this activity, a bogus live chat support window popped up and fraudsters introduced themselves as members of the bank’s fraud department who needed customers to validate their details.
The malicious individuals then attempted to dupe them into divulging sensitive personal information such as name, email address and phone number as well as answers to secret questions used for authentication purposes.
RSA Security informed the bank of what was happening as soon as it discovered the incident and its Anti-Fraud Command Center and FraudAction service initiated standard phishing attack shut-down procedures. The attack took place from a well-known fast-flux network, which is hired for use by different fraudsters, and hosts a range of malicious web sites.
Unfortunately, however, it looks like the number of such fast-flux-based attacks is only set to increase. A huge 38 per cent jump in the quantity of such activity in August meant that the month saw the highest number of phishing attacks ever at 16,164.
This figure compares with the last peak in April 2008, when 15,002 such attacks occurred. Assaults from fast-flux networks accounted for 73 per cent of attacks last month, up from 61 per cent the previous month. Hijacked websites came second at 18 per cent.
"I believe that within a year we'll also see this attack used in Trojans, making it even more dangerous: you log into your real bank website, and all of the sudden the bank wants to talk to you," argued RSA's head of new technologies, Uri Rivner.
"You simply don't know that behind the scenes there's a Trojan residing on your desktop, intercepting the session and automatically triggering a chat box with a fraudster half across the globe. Many will fall for that".
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Application Security SME, Penetration Tester / Ethical...
Java Developer Thomas Cook Online is the business unit...
Contract Systems Administrator, Southampton My...
PHP Web Developer required to join my market-leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Since when?
Since when does a chat feature for a bank initiate a session, as opposed to you requesting a chat session with the bank? That should be the (easy) first clue to the illegitimacy of the attempt.
Posted by: EJ 23 Sep 2009